google_cloud_securitycenter_v2::model::mitre_attack

Enum Technique

#[non_exhaustive]pub enum Technique {
Show 139 variants    Unspecified,
    DataObfuscation,
    DataObfuscationSteganography,
    OsCredentialDumping,
    OsCredentialDumpingProcFilesystem,
    OsCredentialDumpingEtcPasswordAndEtcShadow,
    DataFromLocalSystem,
    AutomatedExfiltration,
    ObfuscatedFilesOrInfo,
    Steganography,
    CompileAfterDelivery,
    CommandObfuscation,
    ScheduledTransfer,
    SystemOwnerUserDiscovery,
    Masquerading,
    MatchLegitimateNameOrLocation,
    BootOrLogonInitializationScripts,
    StartupItems,
    NetworkServiceDiscovery,
    ScheduledTaskJob,
    ScheduledTaskJobCron,
    ContainerOrchestrationJob,
    ProcessInjection,
    InputCapture,
    InputCaptureKeylogging,
    ProcessDiscovery,
    CommandAndScriptingInterpreter,
    UnixShell,
    Python,
    ExploitationForPrivilegeEscalation,
    PermissionGroupsDiscovery,
    CloudGroups,
    IndicatorRemoval,
    IndicatorRemovalClearLinuxOrMacSystemLogs,
    IndicatorRemovalClearCommandHistory,
    IndicatorRemovalFileDeletion,
    IndicatorRemovalTimestomp,
    IndicatorRemovalClearMailboxData,
    ApplicationLayerProtocol,
    Dns,
    SoftwareDeploymentTools,
    ValidAccounts,
    DefaultAccounts,
    LocalAccounts,
    CloudAccounts,
    FileAndDirectoryDiscovery,
    AccountDiscoveryLocalAccount,
    Proxy,
    ExternalProxy,
    MultiHopProxy,
    AccountManipulation,
    AdditionalCloudCredentials,
    AdditionalCloudRoles,
    SshAuthorizedKeys,
    AdditionalContainerClusterRoles,
    MultiStageChannels,
    IngressToolTransfer,
    NativeApi,
    BruteForce,
    AutomatedCollection,
    SharedModules,
    DataEncoding,
    StandardEncoding,
    AccessTokenManipulation,
    TokenImpersonationOrTheft,
    CreateAccount,
    LocalAccount,
    DeobfuscateDecodeFilesOrInfo,
    ExploitPublicFacingApplication,
    SupplyChainCompromise,
    CompromiseSoftwareDependenciesAndDevelopmentTools,
    ExploitationForClientExecution,
    UserExecution,
    LinuxAndMacFileAndDirectoryPermissionsModification,
    DomainPolicyModification,
    DataDestruction,
    DataEncryptedForImpact,
    ServiceStop,
    InhibitSystemRecovery,
    FirmwareCorruption,
    ResourceHijacking,
    NetworkDenialOfService,
    CloudServiceDiscovery,
    StealApplicationAccessToken,
    AccountAccessRemoval,
    TransferDataToCloudAccount,
    StealWebSessionCookie,
    CreateOrModifySystemProcess,
    EventTriggeredExecution,
    BootOrLogonAutostartExecution,
    KernelModulesAndExtensions,
    ShortcutModification,
    AbuseElevationControlMechanism,
    AbuseElevationControlMechanismSetuidAndSetgid,
    AbuseElevationControlMechanismSudoAndSudoCaching,
    UnsecuredCredentials,
    CredentialsInFiles,
    BashHistory,
    PrivateKeys,
    SubvertTrustControl,
    InstallRootCertificate,
    CompromiseHostSoftwareBinary,
    CredentialsFromPasswordStores,
    ModifyAuthenticationProcess,
    PluggableAuthenticationModules,
    MultiFactorAuthentication,
    ImpairDefenses,
    DisableOrModifyTools,
    IndicatorBlocking,
    DisableOrModifyLinuxAuditSystem,
    HideArtifacts,
    HiddenFilesAndDirectories,
    HiddenUsers,
    ExfiltrationOverWebService,
    ExfiltrationToCloudStorage,
    DynamicResolution,
    LateralToolTransfer,
    HijackExecutionFlow,
    HijackExecutionFlowDynamicLinkerHijacking,
    ModifyCloudComputeInfrastructure,
    CreateSnapshot,
    CloudInfrastructureDiscovery,
    DevelopCapabilities,
    DevelopCapabilitiesMalware,
    ObtainCapabilities,
    ObtainCapabilitiesMalware,
    ObtainCapabilitiesVulnerabilities,
    ActiveScanning,
    ScanningIpBlocks,
    StageCapabilities,
    UploadMalware,
    ContainerAdministrationCommand,
    DeployContainer,
    EscapeToHost,
    ContainerAndResourceDiscovery,
    ReflectiveCodeLoading,
    StealOrForgeAuthenticationCertificates,
    FinancialTheft,
    UnknownValue(UnknownValue),
}

Expand description

MITRE ATT&CK techniques that can be referenced by Security Command Center findings. See: https://attack.mitre.org/techniques/enterprise/

§Working with unknown values

This enum is defined as #[non_exhaustive] because Google Cloud may add additional enum variants at any time. Adding new variants is not considered a breaking change. Applications should write their code in anticipation of:

New values appearing in future releases of the client library, and
New values received dynamically, without application changes.

Please consult the Working with enums section in the user guide for some guidelines.

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

§